mirror of
https://github.com/openfoodfoundation/openfoodnetwork
synced 2026-01-26 20:56:48 +00:00
c7a5dd65cf
This will speed up specs as it ensures the stripe is always disabled and its JS script is not loaded
172 lines
5.9 KiB
Ruby
172 lines
5.9 KiB
Ruby
require 'spec_helper'
|
|
|
|
describe Admin::StripeAccountsController, type: :controller do
|
|
let(:enterprise) { create(:distributor_enterprise) }
|
|
|
|
before do
|
|
allow(Stripe).to receive(:client_id) { "some_id" }
|
|
end
|
|
|
|
describe "#connect" do
|
|
before do
|
|
allow(controller).to receive(:spree_current_user) { enterprise.owner }
|
|
end
|
|
|
|
it "redirects to Stripe Authorization url constructed OAuth" do
|
|
spree_get :connect, enterprise_id: 1 # A deterministic id results in a deterministic state JWT token
|
|
|
|
expect(response).to redirect_to("https://connect.stripe.com/oauth/authorize?state=eyJhbGciOiJIUzI1NiJ9.eyJlbnRlcnByaXNlX2lkIjoiMSJ9.jSSFGn0bLhwuiQYK5ORmHWW7aay1l030bcfGwn1JbFg&scope=read_write&client_id=some_id&response_type=code")
|
|
end
|
|
end
|
|
|
|
describe "#destroy" do
|
|
let(:params) { { format: :json, id: "some_id" } }
|
|
|
|
context "when the specified stripe account doesn't exist" do
|
|
it "raises an error?" do
|
|
spree_delete :destroy, params
|
|
end
|
|
end
|
|
|
|
context "when the specified stripe account exists" do
|
|
let(:stripe_account) { create(:stripe_account, enterprise: enterprise) }
|
|
|
|
before do
|
|
# So that we can stub #deauthorize_and_destroy
|
|
allow(StripeAccount).to receive(:find) { stripe_account }
|
|
params[:id] = stripe_account.id
|
|
end
|
|
|
|
context "when I don't manage the enterprise linked to the stripe account" do
|
|
let(:some_user) { create(:user) }
|
|
|
|
before { allow(controller).to receive(:spree_current_user) { some_user } }
|
|
|
|
it "redirects to unauthorized" do
|
|
spree_delete :destroy, params
|
|
expect(response).to redirect_to unauthorized_path
|
|
end
|
|
end
|
|
|
|
context "when I manage the enterprise linked to the stripe account" do
|
|
before { allow(controller).to receive(:spree_current_user) { enterprise.owner } }
|
|
|
|
context "and the attempt to deauthorize_and_destroy succeeds" do
|
|
before { allow(stripe_account).to receive(:deauthorize_and_destroy) { stripe_account } }
|
|
|
|
it "redirects to unauthorized" do
|
|
spree_delete :destroy, params
|
|
expect(response).to redirect_to edit_admin_enterprise_path(enterprise)
|
|
expect(flash[:success]).to eq "Stripe account disconnected."
|
|
end
|
|
end
|
|
|
|
context "and the attempt to deauthorize_and_destroy fails" do
|
|
before { allow(stripe_account).to receive(:deauthorize_and_destroy) { false } }
|
|
|
|
it "redirects to unauthorized" do
|
|
spree_delete :destroy, params
|
|
expect(response).to redirect_to edit_admin_enterprise_path(enterprise)
|
|
expect(flash[:error]).to eq "Failed to disconnect Stripe."
|
|
end
|
|
end
|
|
end
|
|
end
|
|
end
|
|
|
|
describe "#status" do
|
|
let(:params) { { format: :json, enterprise_id: enterprise.id } }
|
|
|
|
around do |example|
|
|
original_stripe_connect_enabled = Spree::Config[:stripe_connect_enabled]
|
|
example.run
|
|
Spree::Config.set(stripe_connect_enabled: original_stripe_connect_enabled)
|
|
end
|
|
|
|
before do
|
|
allow(Stripe).to receive(:api_key) { "sk_test_12345" }
|
|
Spree::Config.set(stripe_connect_enabled: false)
|
|
end
|
|
|
|
context "when I don't manage the specified enterprise" do
|
|
let(:user) { create(:user) }
|
|
|
|
before do
|
|
allow(controller).to receive(:spree_current_user) { user }
|
|
end
|
|
|
|
it "redirects to unauthorized" do
|
|
spree_get :status, params
|
|
expect(response).to redirect_to unauthorized_path
|
|
end
|
|
end
|
|
|
|
context "when I manage the specified enterprise" do
|
|
before do
|
|
allow(controller).to receive(:spree_current_user) { enterprise.owner }
|
|
end
|
|
|
|
context "when Stripe is not enabled" do
|
|
it "returns with a status of 'stripe_disabled'" do
|
|
spree_get :status, params
|
|
json_response = JSON.parse(response.body)
|
|
expect(json_response["status"]).to eq "stripe_disabled"
|
|
end
|
|
end
|
|
|
|
context "when Stripe is enabled" do
|
|
before { Spree::Config.set(stripe_connect_enabled: true) }
|
|
|
|
context "when no stripe account is associated with the specified enterprise" do
|
|
it "returns with a status of 'account_missing'" do
|
|
spree_get :status, params
|
|
json_response = JSON.parse(response.body)
|
|
expect(json_response["status"]).to eq "account_missing"
|
|
end
|
|
end
|
|
|
|
context "when a stripe account is associated with the specified enterprise" do
|
|
let!(:account) { create(:stripe_account, stripe_user_id: "acc_123", enterprise: enterprise) }
|
|
|
|
context "but access has been revoked or does not exist on stripe's servers" do
|
|
before do
|
|
stub_request(:get, "https://api.stripe.com/v1/accounts/acc_123").to_return(status: 404)
|
|
end
|
|
|
|
it "returns with a status of 'access_revoked'" do
|
|
spree_get :status, params
|
|
json_response = JSON.parse(response.body)
|
|
expect(json_response["status"]).to eq "access_revoked"
|
|
end
|
|
end
|
|
|
|
context "which is connected" do
|
|
let(:stripe_account_mock) do
|
|
{
|
|
id: "acc_123",
|
|
business_name: "My Org",
|
|
charges_enabled: true,
|
|
some_other_attr: "something"
|
|
}
|
|
end
|
|
|
|
before do
|
|
stub_request(:get, "https://api.stripe.com/v1/accounts/acc_123").to_return(body: JSON.generate(stripe_account_mock))
|
|
end
|
|
|
|
it "returns with a status of 'connected'" do
|
|
spree_get :status, params
|
|
json_response = JSON.parse(response.body)
|
|
expect(json_response["status"]).to eq "connected"
|
|
# serializes required attrs
|
|
expect(json_response["business_name"]).to eq "My Org"
|
|
# ignores other attrs
|
|
expect(json_response["some_other_attr"]).to be nil
|
|
end
|
|
end
|
|
end
|
|
end
|
|
end
|
|
end
|
|
end
|